The GDPR becomes effective on May 25th 2018. Not all companies are prepared for the new regulation or even fully aware of what this means for their business and their personal data policies. In this blogpost we highlight the important changes that you should have in mind.
What is GDPR?
The General Data Protection Regulation is a new legislation on how businesses, companies, government agencies and non-profits treat their clients' personal data. The new regulation is the first in over two decades within this area, and the aim is to renew the outdated laws and regulations on personal data protection. The new regulations are better adapted to modern technology and the ever-expanding amount of personal data that is stored in cloud solutions all over the world.
The new rules apply to all companies that collect data from EU or EEA (EØS) citizens, regardless of where the company is located. Hence, a company operating in the US will have to meet with the GDPR regulations if they manage data from one or more of the 31 EU or EEA (EØS) countries. The EU's goal is to improve personal data safety, by improving the protection of their citizens and to provide its citizens with more rights than they have today.
The GDPR therefore includes important changes such as the individual's right to be forgotten (erasure) and the right to limit how one's personal data is used, stored and processed which will mean great changes in how businesses currently treat personal data.
What will the GDPR mean to you and your business?
The new rules of the GDPR will mean significant changes for your organization, unless you have already adapted your business' IT strategy to meet the requirements of the new regulations. In general, the new regulation requires you to collect, store and use personal data in new ways.
The changes from the new rules for handling personal data can be summarised as follows:
How can we help you?
As a Microsoft Gold partner, we at Ironstone are thrilled to see the proactive steps Microsoft has taken towards GDPR compliance. Microsoft was the first cloud service provider to implement the stringent requirements of the ISO 27018.
The team at Ironstone are highly competent and have knowledge on the new requirements of GDPR, and what the new legislation means to businesses with personal data stored in cloud solutions. At Ironstone, we are committed to delivering technology and cloud products, which are made to be compliant with GDPR.